There is a vulnerability in IBM® Runtime Environment Java™ Version 8 used by IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3.0, and IBM Spectrum Conductor with Spark 2.2.1. IBM Spectrum Conductor 2.4.1, IBM Spectrum Conductor 2.4.0, IBM Spectrum Conductor 2.3, and IBM Spectrum Conductor with Spark 2.2.1 have addressed the applicable CVE.
CVEID:CVE-2020-2590
**DESCRIPTION:**An unspecified vulnerability in Java SE related to the Java SE Security component could allow an unauthenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.
CVSS Base score: 3.7
CVSS Temporal Score: See: https://exchange.xforce.ibmcloud.com/vulnerabilities/174538 for the current score.
CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N)
Affected Product(s) | Version(s) |
---|---|
IBM Spectrum Conductor | 2.2.1 |
IBM Spectrum Conductor | 2.4 |
IBM Spectrum Conductor | 2.4.1 |
IBM Spectrum Conductor | 2.3 |
Product(s) | Version(s) | APAR | Remediation/Fixes |
---|---|---|---|
IBM Spectrum Conductor with Spark | 2.2.1 | None | cws-2.2.1-build558155 |
IBM Spectrum Conductor | 2.3.0 | None | sc-2.3-build557908 |
IBM Spectrum Conductor | 2.4.0 | None | sc-2.4-build557907 |
IBM Spectrum Conductor | 2.4.1 | None | sc-2.4.1-build557906 |
None
CPE | Name | Operator | Version |
---|---|---|---|
ibm spectrum conductor | eq | 2.2.1 | |
ibm spectrum conductor | eq | 2.3.0 | |
ibm spectrum conductor | eq | 2.4.0 | |
ibm spectrum conductor | eq | 2.4.1 |